3.4.5.2.10 Calling NetrLogonGetDomainInfo

The client MUST do the following:

• Have a secure channel established with a domain controller in the domain identified by domain-name and pass its name as the ServerName parameter.

• Pass a valid client Netlogon authenticator as the Authenticator parameter.

• Pass the Level parameter set to 1 or 2.

After the method returns, the client MUST verify the ReturnAuthenticator, as defined in section 3.1.4.5.

On receiving STATUS_ACCESS_DENIED, the client SHOULD<104> re-establish the secure channel with the domain controller.